4799522a15993258c90455edc691b060ca46916d8c6e79c0b1e81e1c730a77f5 | Triage

Sharing

General

Target

5fd98184be3cef3dce7ab0077a84d970_NeikiAnalytics
Size

136KB
Sample

240509-rxzbcshe67
MD5

5fd98184be3cef3dce7ab0077a84d970
SHA1

824993e8329a98ac87b894bc804041808eb1299d
SHA256

4799522a15993258c90455edc691b060ca46916d8c6e79c0b1e81e1c730a77f5
SHA512

27f0c1ff0b8e80237e3f97d55b041e483157087a4607469598a53bca1a941a006c352a41b10a5bc416e0de2a976185a7826f1c0639366ba2dba1cd91fdfeb6b5
SSDEEP

3072:j3M/3gCRvqodERvEfn84nEXk8QYxQdLrCimBaH8UH30ZIvM6qMH5X3O/gU:b1CtRnEXFtCApaH8m3QIvMWH5H3U

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5fd98184be3cef3dce7ab0077a84d970_NeikiAnalytics
- Size
  
  136KB
- MD5
  
  5fd98184be3cef3dce7ab0077a84d970
- SHA1
  
  824993e8329a98ac87b894bc804041808eb1299d
- SHA256
  
  4799522a15993258c90455edc691b060ca46916d8c6e79c0b1e81e1c730a77f5
- SHA512
  
  27f0c1ff0b8e80237e3f97d55b041e483157087a4607469598a53bca1a941a006c352a41b10a5bc416e0de2a976185a7826f1c0639366ba2dba1cd91fdfeb6b5
- SSDEEP
  
  3072:j3M/3gCRvqodERvEfn84nEXk8QYxQdLrCimBaH8UH30ZIvM6qMH5X3O/gU:b1CtRnEXFtCApaH8m3QIvMWH5H3U
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2